HIPAA Blog

[ Wednesday, March 17, 2010 ]

Privacy versus open source medicine: I've noted often the dynamic tension between privacy and healthcare. The best privacy you can get is when nobody, including your doctor, gets your PHI; the best medicine you could get would be if everyone had access to your PHI (an "open source" arrangement, if you will) and could recommend possible solutions for your problems. Obviously, these are in direct conflict with each other, and HIPAA (and the healthcare industry) is constantly seeking the right balance.

Here's a story on how open source medicine might have helped a Harvard professor. However, just by a little social engineering, the identity of the patient got out. Sort of proves both parts of my point.

And here's a little more on social engineering. And the question of privacy. People breach their own privacy all the time, intentionally and unintentionally.